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This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims: 

1 (currently amended). A computer-readable medium having encoded thereon 
computer-executable instructions to perform a method of creating shadow pages for an 
address translation map, the address translation map comprising a page directory and a 
plurality of page tables, the page directory comprising links to the plurality of page tables, 
each of the page tables comprising links to a pluraUty of data pages, the page directory and 
page tables each being stored in one of the data pages, the method comprising: 

for at least one of the plurality of page tables, creating a first shadow page 
table based on said one of the plurality of page tables, said first shadow page table differing 
from said fifst one of the pluraUty of page tables in at least one of the following respects: 

at least one entry in said first shadow page table links to a different 
data page than that entry's corresponding link in said one of the plurality of page tables; and 

said first shadow page table contains one or more read-only links 
whose corresponding links in said one of the plurality of pages tables are read/write; and 

creating a shadow page directory based on the page directory, the page 
directory comprising a link to said one of the plurality of page tables, said shadow page 
directory comprising a link to said shadow page table instead of the link to said one of said 
plurality of page tables, 

wherein an item of software uses said page table to perform a non-address-mapping action 
that depends on data that has a characteristic that is present in said one of the plurality of page 
tables but not present in said first shadow page table. 

2 (original). The computer-readable medium of claim 1, wherein a policy governs 
access to a memory, wherein access to said memory based on said address translation map 
applied to said virtual address results in violation of said policy, and wherein access to said 
memory based on said shadow page directory and said first shadow page table being applied 
to said virtual address does not result in violation of said policy. 
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3 (original). The computer-readable medium of claim 1, wherein each of the data 
pages is stored at a particular frame of a memory, wherein said page directory is stored at a 
first frame, and wherein the method further comprises: 

maintaining a copy of said page directory at a second frame different from 
said first frame; and 

storing the shadow page directory at said first frame. 

4 (original). The computer-readable medium of claim 1, wherein said page directory 
comprises a link to a first-sized page, said first-sized page comprising a plurality of second- 
sized pages, and wherein the method fiirther comprises: 

creating a second shadow page table that comprises links to said 
plurality of second sized pages, wherein said shadow page directory comprises a link to said 
second shadow page table. 

5 (previously presented). A system for managing the use of a memory comprising: 

a memory comprising a plurality of individually-addressable components that 
can be read and written, each of the individually-addressable components having a physical 
address associated therewith; 

an address translation data structure that defines a mapping between virtual 
addresses and the physical addresses of the individually-addressable components; 

a memory manager that receives a request to access a first one of the 
individually-addressable components, said request identifying said first one of the 
individually-addressable components based on a virtual address, said memory manager 
translating said virtual address into the physical address of said first one of the individually- 
accessible components based on data that comprises a shadow representation of said address 
translation data structure, there being an item of software that uses said address translation 
data structure to perform a non-address-mapping action that depends on data that has a 
characteristic that is present in said address translation structure but not present in said 
shadow representation of said address translation structure. 
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6 (previously presented). The system of claim 5, wherein said memory is organized 
into a plurality of pages, said first one of the individually-addressable components being 
located within one of said pluraUty of pages, wherein said address translation data structure 
comprises: (1) a pluraUty of page tables that contain links to said plurality of pages, and (2) a 
page directory that contains links to said plurality of page tables, and wherein said shadow 
representation of said address translation data structure differs firom said address translation 
data structure with respect to at least one link. 

7 (previously presented). The system of claim 6, wherein each of the links contained 
in said page directory and said page tables contains one or more attributes, and wherein at 
least one link in said shadow representation differs fi-om a corresponding link in said address 
translation data structure with respect to at least one attribute. 

8 (original). The system of claim 6, wherein the page directory and each of the page 
tables is stored in one of said plurality of pages, each of the pages having a physical location 
descriptor associated therewith, each of the links in the page directory and page tables 
identifying one of the pages based on the physical location descriptor. 

9 (original). The system of claim 8, wherein said shadow representation includes an 
alternative version of at least one of said page directory or one of said page tables, and 
wherein said altemative version is stored at a page having a different physical location 
descriptor firom the page on which the altemative version is based. 

10 (previously presented). The system of claim 5, wherein a policy governs the 
accessibility of the memory, wherein the address translation data structure, exposes the 
memory to violation of the pohcy, and wherein the system further comprises: 

a memory access control manager that creates the shadow representation based 
on the address translation data structure and ensures that the shadow representation, if used to 
access the memory based on virtual addresses, does not result in violation of the policy. 
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1 1 (original). The system of claim 10, wherein the poUcy defines a portion of the 
memory as inaccessible, and wherein the memory access control manager ensures that the 
shadow representation does not expose a virtual address for said portion of the memory. 

12 (original). The system of claim 10, wherein the policy defines a portion of the 
memory as being readable but not writeable, and wherein the memory access control manager 
ensures that the shadow representation contains one or more attributes that mark the portion 
of memory as being read-only. 

13 (previously presented). The system of claim 10, wherein the memory access 
control manager ensures that the shadow representation contains one or more attributes that 
mark as read-only those portions of the memory that store at least one of: (1) the address 
translation data structure; and (2) the shadow representation. 

14 (previously presented). A method of executing a memory access request 
comprising: 

receiving an request to read or write a unit of a memory, said request 
identifying said unit of said memory based on a virtual address; 

accessing said unit of memory based on a representation of a map that defines 
a relationship between virtual addresses and physical addresses, said map being stored in one 
or more pages of said memory, said representation of said map comprising at least one 
shadow page that is based on a first one of said one or more pages, said map including at least 
one aspect which, if used to access said memory based on said virtual address, would result in 
violation of a memory access policy, said shadow page differing from said first one of said 
one or more pages in a manner such that use of said representation of said map to access said 
memory based on said virtual address does not violate said memory access policy, there 
being an item of software that uses said first one of said one or more pages to perform a non- 
address-mapping action that depends on data that has a characteristic that is present in said 
first one of said one or more pages but not present in said shadow page; and 



performing the read or write specified in said access request. 
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15 (original). The method of claim 14, wherein said memory access policy defines a 
portion of said memory as being inaccessible, wherein said map exposes writeable links to 
portions of said memory that define virtual address mappings, and wherein said 
representation of said map does not expose writeable links to portions of said memory that 
define virtual address mappings. 

16 (original). The method of claim 14, wherein said map comprises: (1) a plurality of 
tables that contain links to a set of said one or more pages, and (2) a directory that contains 
links to said plurality of tables, said at least one shadow page comprising a shadow directory 
that differs fi-om said directory in at least the respect that at least one link in the shadow 
directory points to a shadow page table instead of to one of said plurality of tables. 

17 (original). The method of claim 14, wherein said map comprises a plurality of 
tables that contain links to a set of said one or more pages, wherein said shadow page 
comprises a representation based on one of said tables, and wherein said shadow page 
contains a representation of a first link that exists in said one of said tables, wherein said first 
link is a read/write link in said one of said tables, and wherein said shadow page differs fi-om 
said one of said tables in that said shadow page's representation said first link is marked read- 
only. 

18 (original). The method of claim 14, wherein said shadow page comprises a 
directory, wherein said unit of memory is encompassed by a first-sized page that comprises a 
plurality of second-sized pages, wherein said map comprises a directory that contains a link 
to said first-sized page, wherein said shadow page is based on said directory, and wherein 
said shadow page differs fi-om said directory in that said shadow page contains a link to a 
table instead of a link to said first-sized page, wherein said table contains links to second- 
sized pages that are included within said first-sized page. 

19 (previously presented). A computer-readable medium having encoded thereon a 
data structure that is representative of an address translation map, the address translation map 
comprising a page directory, the directory comprising links to a plurality of page tables, each 
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of the page tables being stored at a particular frame within said computer-readable medium, 
each of the page tables comprising links to a plurality of pages of said computer-readable 
medium, the data stmcture comprising: 

a shadow page table that is based on a first one of the plurality of page tables; 

a shadow page directory that is based on the page directory, the page directory 
comprising a first entry that contains a link to said first one of the plurality of page tables, 
said shadow page table comprising a second entry that corresponds to the first entry, said 
second entry containing a link to said shadow page table instead of a link to said first one of 
the plurality of page tables, there being an item of software that uses said first one of the 
plurality of page tables to perform a non-address-mapping action that depends on data that 
has a characteristic that is present in said first one of the plurality of page tables but not 
present in said shadow page table, 

20 (original). The computer-readable medium of claim 19, wherein the first of the 
plurality of page tables is stored at a first frame, wherein the shadow page table is stored at a 
second fi-ame, and wherein the shadow page directory differs fi"om the page directory in the 
respect that a link in the page directory contains an identifier of said first firame and the 
corresponding link in the shadow page directory contains an identifier of said second fi"ame. 

21 (original). The computer-readable medium of claim 19, wherein said first of said 
plurality of page tables contains a link to a first one of the pages, wherein said shadow page 
table contains a link to a representation based on said first one of the pages instead of the link 
to the first one of the pages, said representation based on said first one of the pages being 
stored at a frame different firom said first one of the pages. 

22 (original). The computer-readable medium of claim 21, wherein said first one of 
the plurality of pages stores either the page directory or said first one of the plurality of page 
tables. 

23 (previously presented). The computer-readable medium of claim 22, wherein said 
first one of the plurality of page tables contains a link that specifies said first one of the 
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plurality of pages as being readable and writeable, and wherein the corresponding link in said 
shadow page table specifies said first one of the plurality of pages as being only readable. 

24 (original). The computer-readable medium of claim 19, wherein the page directory 
and said first one of the plurality of page tables contain at least one feature such that, if used 
to access a memory based on a virtual address, would result in a violation of a memory access 
policy, and wherein the shadow page directory and shadow page table contain data such that 
accessing the memory through said shadow page directory and said shadow page table based 
on said virtual address does not result in violation of said memory access policy. 
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